Method and apparatus for session audit for control and user plane separation

ABSTRACT

There is provided a method for a session audit in a communication system having a first plane and a second plane. The method can be employed in a case in which the first plane is a control plane and the second plane is a user plane, or a case in which the first plane is a user plane and the second plane is a control plane. The first plane performs operations of (1) sending to the second plane, an association update request that contains a first vendor-specific information element (IE) having (a) a bit set to indicate a desire for a single control plane (CP) fully-qualified session identification (CP F-SEID), and (b) a CP F-SEID, and (2) receiving from the second plane, an association update response that contains a second vendor-specific IE having (a) the CP F-SEID, and (b) a mapped user plane (UP) fully-qualified session identification (UP F-SEID).

BACKGROUND OF THE DISCLOSURE 1. Field of the Disclosure

The present disclosure relates to communication systems that include acontrol plane and a user plane, and more particularly, to a techniquefor performing a session audit in such a communication system.

2. Description of the Related Art

The approaches described in this section are approaches that could bepursued, but not necessarily approaches that have been previouslyconceived or pursued. Therefore, the approaches described in thissection may not be prior art to the claims in this application and arenot admitted to be prior art by inclusion in this section.

Near the end of the present document, there is a section that includesdefinitions of acronyms.

A plane is a component in communication that is used to carry data oruser traffic, control traffic or management traffic. A user plane (UP)is defined to carry the data or user traffic (e.g., in case of a userequipment (UE) browsing an online video, the payloads that form thevideo are the user data). A control plane (CP) is defined to carrycontrol traffic (e.g., in case of a UE wanting to browse an onlinevideo, the initial/intermediate messages required to carry the setupbetween the UE and the online video, so that the UE can do thebrowsing). A management plane is defined to carry management specificsignaling, that can monitor a specific Network Equipment and itsfunctions (e.g., in case of a network administrator, wanting to do thestatus check on a given Network Equipment shall sendinitial/intermediate messages to the Network Equipment required to carrythe setup between his device and the network equipment. Along with this,the network administrator shall be able to collect the statisticsrequired for the status check from the network equipment).

3GPP has defined separate UP functions, e.g., PGW-U or UPF, that carryuser traffic from CP functions, e.g., PGW-C or SMF that carry thesignaling traffic to allow scalability of individual control and userplane nodes, allow flexible deployments where there can be a controlplane situated in a centralized location and user plane situated in adistributed (remote) location or vice versa. Keeping the abovepostulates as base, the gateways are decomposed into CP and UPfunctionalities.

A session is context that is created when the CP controls the packetprocessing in the UP by installing rules for packet processing.

The CP function performs a selection of its respective UP functionconsidering parameters of a PDU (Packet Data Unit) or PDN (Packet DataNetwork) session, i.e., a session that UE is starting for a givenservice such as internet. The parameters are UE's location information,features, and capacity of the UP function and services that are neededat the UE. Other than the above, the selection of UP function also takesthe UP function deployment scenarios as whether the UP is centrallylocated or distributed UP are located close the access, e.g., radio.Operator defined parameters like a given UP supporting a subset ofoptional functionalities like software version of the UP are also takeninto consideration while selection.

A control “session” is the term referred, which a CP creates with a UPfor signaling the establishment of a data path/connection. A data“connection” is the term used for a path that data packets of UserEquipment (UE) take to traverse.

The Control Plane (CP) (PGW-C or SMF) can request the User Plane(UP)(PGW-U or UPF) to create a PDU (Packet Data Unit) or PDN (PacketData Network) connection. This request contains the control session IDfor which the PDU/PDN connection is established. Each PDU/PDN connectioncorresponds to a control session ID (commonly known as CP F-SEID(Control Plane Fully-qualified Session Identification)). PFCP protocolis used between CP and UP that runs over a UDP transport. The CP F-SEIDis provided in a PFCP Session Establishment Request to the UP.

During a real-time scenario, it is possible that the PDU/PDN connectionsopened at the UP are no longer existing due to an HA or interfacerestart of which the CP is not informed. Also, it may be possible thatduring the HA or interface restart of the CP, the UP is not aware ofcurrently active control, e.g., PFCP, sessions. Such sessions orconnections for which one of CP or UP is not aware, but is existing inthe system, are termed as “Zombie”. Zombies are processor-consuming, andalso hamper the performance of the overall system.

The present document discloses a technique in which the CP and UPperform session audits that assist zombie session management.

SUMMARY OF THE DISCLOSURE

The present document discloses a method for a session audit in acommunication system having a first plane and a second plane. The methodcan be employed in a case in which the first plane is a control planeand the second plane is a user plane, or a case in which the first planeis a user plane and the second plane is a control plane.

In a first aspect of the method, the first plane performs operations of(1) sending to the second plane, an association update request thatcontains a first vendor-specific information element (IE) having (a) abit set to indicate a desire for a single control plane (CP)fully-qualified session identification (CP F-SEID), and (b) a CP F-SEID,and (2) receiving from the second plane, an association update responsethat contains a second vendor-specific IE having (a) the CP F-SEID, and(b) a mapped user plane (UP) fully-qualified session identification (UPF-SEID). Conversely, the second plane performs operations of receivingthe association update request, and sending the association updateresponse.

In a second aspect of the method, the first plane performs operations of(1) sending to the second plane, an association update request thatcontains a first vendor-specific information element (IE) having a bitset to indicate a desire for all control plane (CP) fully-qualifiedsession identifications (CP F-SEIDs) available at the second plane, and(2) receiving from the second plane, an association update response thatcontains multiple second vendor-specific IEs, each having (a) a CPF-SEID, and (b) a mapped user plane (UP) fully-qualified sessionidentification (UP F-SEID) available at the second plane. Conversely,the second plane performs operations of receiving the association updaterequest, and sending the association update response.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a communication system that includes CP andUP interworking.

FIG. 2 shows an exchange of messages between a UP and a CP in thecommunication system of FIG. 1 , in which the CP queries the UP for theexisting sessions at the UP.

FIG. 3 shows an exchange of messages between a UP and a CP in thecommunication system of FIG. 1 , in which the UP queries the CP for theexisting sessions at the CP.

A component or a feature that is common to more than one drawing isindicated with the same reference number in each of the drawings.

DESCRIPTION OF THE DISCLOSURE

FIG. 1 is a block diagram of a communication system, namely system 100,that includes CP and UP interworking. UE 101 is connected, via a radio110, to a UP 125. UE 105 is connected, via a radio 115, to UP 130. UP125 and UP 130 are connected to a CP 120, and to a router 135.

During regular operation of CP 120 and UPs 125 and 130, in a case ofmultiple control sessions, CP 120 or UPs 125 and 130 are not aware whichof the sessions are existing or zombie. Without a regular mechanism ofaudit, CP 120 or UPs 125 and 130 will never be made aware of thesessions that are active or have become zombie.

A session audit is a set of rules installed by the CP on the peer UP orvice versa for auditing (i.e., deriving the existence and validity of)the session on that peer.

Each of CP 120, UP 125 and UP 130 is an apparatus that includeselectronic circuitry that performs operations to execute methods orprocesses described herein. The circuity may be implemented with any orall of (a) discrete electronic components, (b) firmware, or (c) aprogrammable circuit that includes a processor and a memory. Such aprocessor is an electronic device configured of logic circuitry thatresponds to and executes instructions. Such a memory is a tangible,non-transitory, computer-readable storage device encoded with a computerprogram. In this regard, the memory stores data and instructions, i.e.,program code, that are readable and executable by the processor forcontrolling operations of the processor. The memory may be implementedin a random-access memory (RAM), a hard drive, a read only memory (ROM),or a combination thereof.

Such a processor and memory may be implemented in a computer. Thecomputer can be a standalone device or coupled to other devices in adistributed processing system.

Additionally, the program code may be configured on a storage device forsubsequent loading into the memory. Such a storage device is a tangible,non-transitory, computer-readable storage device, and examples include(a) a compact disk, (b) a magnetic tape, (c) a read only memory, (d) anoptical storage medium, (e) a hard drive, (f) a memory unit consistingof multiple parallel hard drives, (g) a universal serial bus (USB) flashdrive, (h) a random-access memory, and (i) an electronic storage devicecoupled the components of system 100 via a data communication network.

The program code may be configured in one or more modules. The term“module” is used herein to denote a functional operation that may beembodied either as a stand-alone component or as an integratedconfiguration of a plurality of subordinate components. Thus, a modulemay be implemented as a single module or as a plurality of sub-ordinatemodules that operate in cooperation with one another.

Problem Statement

-   (A) The sessions are created at regular intervals. However, during    the HA of the NF (CP or UP) or during the interface reset, the    sessions may be terminated. However, the same information about the    termination may not be communicated to the peer NF (UP or CP).-   (B) Audit is a time-consuming procedure as it requires large amount    of data to be sent across. This may hamper the further processing of    new sessions.

Solution

For the solution, the following shall be done:

(A) The following procedures are defined:

a. CP or UP will send a PFCP Association Update Request containing avendor-specific IE (Query Session Record IE) with the CP F-SEID.Multiple IE(s) are sent if there is more than one CP F-SEID to bequeried. ALL keyword can be additionally used.

b. The peer node (UP or CP) shall send a PFCP Association UpdateResponse containing a vendor-specific IE (Query Session Report IE) withthe CP F-SEID and mapped UP F-SEID. “Mapped” UP F-SEID are the F-SEID ofthe UP, which have context available with the CP F-SEID requested in thePFCP message. If no UP F-SEID exists for this CP F-SEID, then UP F-SEIDis not sent in the IE.

c. Multiple Query Session Response IE(s) are sent if there is more thanone CP F-SEID queried.

d. F-SEID for which the session does not exist, the node (CP or UP) willclear the sessions.

(i) CP Performing Audit

FIG. 2 shows an exchange of messages between UP 125 and CP 120, in whichCP 120 queries UP 125 for the existing sessions at UP 125.

Operation 201. CP 120 sends to UP 125 the Association Update Requestmessage containing the Query Session Record IE. The IE contains theQuery Bit and optionally CP F-SEID IE for which the audit is to be done.Multiple Query Session Record IE is possible in a message if there is arequest to query more than one CP SEID. The Query bit set to 1 shallindicate that all the CP F-SEID existing at the peer NF are to beaudited. In this case the Query Session Record IE will not contain theCP F-SEID IE.

Operation 202. UP 125 sends to CP 120 the Association Update Responsemessage containing the Query Session Report IE. The IE contains themapping of CP F-SEID IE with the UP F-SEID IE that exists for thesession. If no UP F-SEID exists for the CP F-SEID, then the UP F-SEID isnot sent.

Local cleanup at the NF (UP 125 or CP 120) will be done for sessionswhich do not have UP F-SEID available.

(ii) UP Performing Audit

FIG. 3 shows an exchange of messages between UP 125 and CP 120, in whichUP 125 queries CP 120 for the existing sessions at CP 120.

Operation 301. UP 125 sends to CP120 the Association Update Requestmessage containing the Query Session Record IE. The IE contains theQuery Bit and optionally CP F-SEID IE for which the audit is to be done.Multiple Query Session Record IE is possible in a message if there is arequest to query more than one CP SEID. The Query bit set to 1 shallindicate that all the CP F-SEID existing at the peer NF are to beaudited. In this case the Query Session Record IE will not contain theCP F-SEID IE.

Operation 302. CP 120 sends the Association Update Response message toUP 125 containing the Query Session Report IE. The IE contains themapping of CP F-SEID IE with the UP F-SEID IE that exists for thesession. If no UP F-SEID exists for the CP F-SEID, then the UP F-SEID isnot sent.

Local cleanup at the NF (UP 125 or CP 120) will be done for sessionswhich do not have UP F-SEID available.

(iii) IE Details

1. Query Session Record IE shall be detailed as below:

-   (i) Query All Bit if it is set, then CP F-SEID shall not be    provided.-   (ii) Query All Bit if it is not set, then CP F-SEID shall be    provided.-   (iii) CP F-SEID shall be the CP side Session ID.

2. Query Session Report IE shall be detailed as below:

-   (i) CPFSEID Bit if it is set, then CP F-SEID shall be provided.-   (ii) UPFSEID Bit if it is set, then UP F-SEID shall be provided.

(B) At the NF (UP 125 or CP 120) there shall be time and spaceconfiguration provided to send the Audit IEs (Query Session Report IE)in different messages after sending the first Association SetupResponse, if the number of Audit IEs are large in number and cannot beaccommodated in a single Response message.

a. In order to do so, the Query Session Report IE shall include asequence identifier to identify this IE in the Association Setupresponse. It shall set a flag, “more IE to follow”.

b. The remaining IE shall be injected in any new message(s) that NF issending, provided the message has the space to carry it.

c. The last “Query Session Response IE” shall unset the flag “more IE tofollow” bit.

3GPP, while recommending the CP and UP separation, does not recommendany procedures for audit of the PDU/PDN sessions existing on the UP orCP. This creates an issue on the NF where a number of sessions arecreated or released at any given time, but the other functionality doesnot know about the actual status of the existing session. This canhappen due to network packet losses, loss of messages, or internalmalfunction of the NF that results in non-update of the contexts wherethe session information is stored.

System 100 addresses the problem of mismatch of the existing sessions,where audit of a session existing in peer functionality is performedwithout impacting the 3GPP defined procedures. The audit helps inreleasing the sessions that are not existing in the system, or inre-creating them if needed.

With UP and CP separation, the session loss is a common observation, andin absence of 3GPP defined procedure, it is difficult to audit thesessions. System 100 executes a process to audit the sessions.

If the number of sessions is too large, then system 100 sends theaudited structures in different messages.

The solution disclosed herein is applicable for 5G, 4G and GPRSnetworks.

-   (a) In a 5G network, the CP is SMF and the UP is UPF.-   (b) In a 4G network, the CP is a PGW-C, TDF-C or SGW-C, and the UP    is PGW-U, TDF-U or SGW-U respectively.-   (c) In a GPRS network, the CP is GGSN-C and the UP is a GGSN-U.    In the above-mentioned operations, the CP or UP executes the    procedures for the audit in accordance with the solution disclosed    herein.

Thus, there is provided a method for a session audit in a communicationsystem having a first plane and a second plane. The method can beemployed in a case in which the first plane is a control plane, e.g., CP120, and the second plane is a user plane, e.g., UP 125, or a case inwhich the first plane is a user plane, e.g., UP 125, and the secondplane is a control plane, e.g., CP 120.

In a first aspect of the method, the first plane performs operations of(1) sending to the second plane, an association update request thatcontains a first vendor-specific information element (IE) having (a) abit set to indicate a desire for a single control plane (CP)fully-qualified session identification (CP F-SEID), and (b) a CP F-SEID,and (2) receiving from the second plane, an association update responsethat contains a second vendor-specific IE having (a) the CP F-SEID, and(b) a mapped user plane (UP) fully-qualified session identification (UPF-SEID). Conversely, the second plane performs operations of receivingthe association update request, and sending the association updateresponse.

In a second aspect of the method, the first plane performs operations of(1) sending to the second plane, an association update request thatcontains a first vendor-specific information element (IE) having a bitset to indicate a desire for all control plane (CP) fully-qualifiedsession identifications (CP F-SEIDs) available at the second plane, and(2) receiving from the second plane, an association update response thatcontains multiple second vendor-specific IEs, each having (a) a CPF-SEID, and (b) a mapped user plane (UP) fully-qualified sessionidentification (UP F-SEID) available at the second plane. Conversely,the second plane performs operations of receiving the association updaterequest, and sending the association update response.

The first plane may perform a further operation of sending to the secondplane, a subsequent message that includes a query session record IE.

The first plane may perform a further operation of receiving from thesecond plane, a subsequent message that includes a query session reportIE.

The CP F-SEID is a CP-generated fully-qualified session ID, and the UPF-SEID is a UP-generated fully-qualified session ID sent by the secondplane within a query session report IE in a packet forwarding controlprotocol (PFCP) message for a requested CP F-SEID in a query sessionrecord IE.

The implementation described herein is exemplary and should not beconstrued as implying any particular limitation on the presentdisclosure. It should be understood that various alternatives,combinations and modifications could be devised by those skilled in theart. For example, operations associated with the processes describedherein can be performed in any order, unless otherwise specified ordictated by the operations themselves. The present disclosure isintended to embrace all such alternatives, modifications and variancesthat fall within the scope of the appended claims.

Acronyms

-   3GPP 3^(rd) Generation Partnership Project-   4G 4^(th) Generation-   5G 5^(th) Generation-   5GC 5G Core Network-   5GS 5G System-   ALL A value in query bit of query session record IE to instruct the    NF to send all available mapping of CP F-SEID to UP F-SEID available    with it.-   CP Control Plane-   CP F-SEID Control Plane Fully-qualified Session Identification-   DL Downlink-   GGSN-C Gateway GPRS Support Node-Control-   GGSN-U Gateway GPRS Support Node-User-   GPRS General Packet Radio Services-   HA High Availability-   ID Identification-   IE Information Element-   NF Network Function-   PDN Packet Data Network-   PDU Packet Data Unit-   PFCP Packet Forwarding Control Protocol-   PGW-C Packet Gate Way (Control)-   PGW-U Packet Gate Way (User)-   SGW-U Signaling Gateway-User-   SMF Session Management Function-   TDF-C Traffic Detection Function-Control-   TDF-U Traffic Detection Function-User-   UDP User Datagram Protocol-   UE User Equipment-   UL Uplink-   UP User Plane-   UPF User Plane Function-   UP F-SEID User Plane Fully-qualified Session Identification

The terms “comprises” or “comprising” are to be interpreted asspecifying the presence of the stated features, integers, operations orcomponents, but not precluding the presence of one or more otherfeatures, integers, operations or components or groups thereof. Theterms “a” and “an” are indefinite articles, and as such, do not precludeembodiments having pluralities of articles.

What is claimed is:
 1. A method for a session audit in a communicationsystem having a first plane and a second plane, wherein said methodcomprises said first plane performing operations of: sending to saidsecond plane, an association update request that contains a firstvendor-specific information element (IE) having (a) a bit set toindicate a desire for a single control plane (CP) fully-qualifiedsession identification (CP F-SEID), and (b) a CP F-SEID; and receivingfrom said second plane, an association update response that contains asecond vendor-specific IE having (a) said CP F-SEID, and (b) a mappeduser plane (UP) fully-qualified session identification (UP F-SEID). 2.The method of claim 1, further comprising: sending to said second plane,a subsequent message that includes a query session record IE.
 3. Themethod of claim 1, further comprising: receiving from said second plane,a subsequent message that includes a query session report IE.
 4. Themethod of claim 1, wherein said CP F-SEID is a CP-generatedfully-qualified session ID, and wherein said UP F-SEID is a UP-generatedfully-qualified session ID sent by said second plane within a querysession report IE in a packet forwarding control protocol (PFCP) messagefor a requested CP F-SEID in a query session record IE.
 5. The method ofclaim 1, wherein said first plane is a control plane and said secondplane is a user plane.
 6. The method of claim 1, wherein said firstplane is a user plane and said second plane is a control plane.
 7. Anapparatus comprising: electronic circuitry adapted to perform theoperations of the method of claim
 1. 8. A non-transitory storage device,comprising: instructions that are readable by a processor to cause saidprocessor to perform the operations of the method of claim
 1. 9. Amethod for a session audit in a communication system having a firstplane and a second plane, wherein said method comprises said secondplane performing operations of: receiving from said first plane, anassociation update request that contains a first vendor-specificinformation element (IE) having (a) a bit set to indicate a desire for asingle control plane (CP) fully-qualified session identification (CPF-SEID), and (b) a CP F-SEID; and sending to said first plane, anassociation update response that contains a second vendor-specific IEhaving (a) said CP F-SEID, and (b) a mapped user plane (UP)fully-qualified session identification (UP F-SEID).
 10. An apparatuscomprising: electronic circuitry adapted to perform the operations ofthe method of claim
 9. 11. A non-transitory storage device, comprising:instructions that are readable by a processor to cause said processor toperform the operations of the method of claim
 9. 12. A method for asession audit in a communication system having a first plane and asecond plane, wherein said method comprises said first plane performingoperations of: sending to said second plane, an association updaterequest that contains a first vendor-specific information element (IE)having a bit set to indicate a desire for all control plane (CP)fully-qualified session identifications (CP F-SEIDs) available at saidsecond plane; and receiving from said second plane, an associationupdate response that contains multiple second vendor-specific IEs, eachhaving (a) a CP F-SEID, and (b) a mapped user plane (UP) fully-qualifiedsession identification (UP F-SEID) available at said second plane. 13.The method of claim 12, further comprising: sending to said secondplane, a subsequent message that includes a query session record IE. 14.The method of claim 12, further comprising: receiving from said secondplane, a subsequent message that includes a query session report IE. 15.The method of claim 12, wherein each said CP F-SEID is a CP-generatedfully-qualified session ID, and wherein each said UP F-SEID is aUP-generated fully-qualified session ID sent by said second plane withina query session report IE in a packet forwarding control protocol (PFCP)message in a query session record IE available at said second plane. 16.The method of claim 12, wherein said first plane is a control plane andsaid second plane is a user plane.
 17. The method of claim 12, whereinsaid first plane is a user plane and said second plane is a controlplane.
 18. An apparatus comprising: electronic circuitry adapted toperform the operations of the method of claim
 12. 19. A non-transitorystorage device, comprising: instructions that are readable by aprocessor to cause said processor to perform the operations of themethod of claim
 12. 20. A method for a session audit in a communicationsystem having a first plane and a second plane, wherein said methodcomprises said second plane performing operations of: receiving fromsaid first plane, an association update request that contains a firstvendor-specific information element (IE) having a bit set to indicate adesire for all control plane (CP) fully-qualified sessionidentifications (CP F-SEIDs) available at said second plane; and sendingto said first plane, an association update response that containsmultiple second vendor-specific IEs, each having (a) a CP F-SEID, and(b) a mapped user plane (UP) fully-qualified session identification (UPF-SEID) available at said second plane.
 21. An apparatus comprising:electronic circuitry adapted to perform the operations of the method ofclaim
 20. 22. A non-transitory storage device, comprising: instructionsthat are readable by a processor to cause said processor to perform theoperations of the method of claim 20.